Cisco 300-206 Practice Exam Questions
Your career in IT industry takes a big leap by passing the CCNP Security certification exam in the first attempt and DumpsSchool Cisco 300-206 exam dumps help you to get this goal. Configuring and implementing security on Cisco network perimeter edge devices topics are well explained in 300-206 exam dumps of DumpsSchool.
Try it Latest DumpsSchool 300-206 Exam dumps. Buy Full File here: https://www.dumpsschool.com/300-206-exam-dumps.html (430 As Dumps)
Download the DumpsSchool 300-206 braindumps from Google Drive: https://drive.google.com/file/d/1EMLvhFrYAykLS9r0FMJtmIBQ9_6i7_YC/view (FREE VERSION!!!)
Question No. 1
You are the network security engineer for the Secure-X network. The company has recently detected Increase of traffic to malware Infected destinations. The Chief Security Officer deduced that some PCs in the internal networks are infected with malware and communicate with malware infected destinations.
The CSO has tasked you with enable Botnet traffic filter on the Cisco ASA to detect and deny further connection attempts from infected PCs to malware destinations. You are also required to test your configurations by initiating connections through the Cisco ASA and then display and observe the Real-Time Log Viewer in ASDM.
To successfully complete this activity, you must perform the following tasks:
* Download the dynamic database and enable use of it.
* Enable the ASA to download of the dynamic database
* Enable the ASA to download of the dynamic database.
* Enable DNS snooping for existing DNS inspection service policy rules..
* Enable Botnet Traffic Filter classification on the outside interface for All Traffic.
* Configure the Botnet Traffic Filter to drop blacklisted traffic on the outside interface. Use the default Threat Level settings
NOTE: The database files are stored in running memory; they are not stored in flash memory.
NOTE: DNS is enabled on the inside interface and set to the HQ-SRV (10.10.3.20).
NOTE: Not all ASDM screens are active for this exercise.
* Verify that the ASA indeed drops traffic to blacklisted destinations by doing the following:
* From the Employee PC, navigate to http://www.google.com to make sure that access to the Internet is working.
* From the Employee PC, navigate to http://bot-sparta.no-ip.org. This destination is classified as malware destination by the Cisco SIO database.
* From the Employee PC, navigate to http://superzarabotok-gid.ru/. This destination is classified as malware destination by the Cisco SIO database.
* From Admin PC, launch ASDM to display and observe the Real-Time Log Viewer.
You have completed this exercise when you have configured and successfully tested Botnet traffic filter on the Cisco ASA.
Question No. 2
Which options is the default logging buffer size in memory of the Cisco ASA adaptive security appliance?
Question No. 3
Which two commands can be used to create a Cisco Unified ACL within the ASA CU? (Choose two.)
Question No. 4
What are three of the RBAC views within Cisco IOS Software? (Choose three.)
Question No. 5
What are two primary purposes of Layer 2 detection in Cisco IPS networks? (Choose two.)
Question No. 6
Which statement about traffic storm control behavior is true?
Question No. 7
Which two VPN types can you monitor and control with Cisco Prime Security Manager? (Choose two.)
Question No. 8
What is the maximum jumbo frame size for IPS standalone appliances with 1G and 10G fixed or add-on interfaces?
Question No. 9
When it is configured in accordance to Cisco best practices, the switchport port-security maximum command can mitigate which two types of Layer 2 attacks? (Choose two.)
Question No. 10
Which statement describes a unique feature of Cisco NetFlow Secure Event Logging for Cisco ASAs?
300-206 Dumps Google Drive: (Limited Version!!!)
Exam Vendor: Cisco dumps